How to convert putty ppk file to pem file

Basically when you working on windows, you most likely use putty to connect to the server. Putty generates the ppk file as the private key.

But the ppk file cannot be using to connect classic linux server or ec2 in AWS. You need to convert this ppk file to pem first in order to use it.

for ubuntu:

$ sudo apt install putty-tools

for centos and other linux:

$ sudo yum install putty

Start converting the ppk to pem

$ puttygen key.ppk -O private-openssh -o key.pem

And you might want to set the permission

$ chmod 600 key.pem

Now the key.pem is ready to use.

Setup puppet master & puppet agent on Ubuntu 16.04

Overview

– puppet-master (ubuntu 16.04)
– db1 (ubuntu 16.04)

Setup puppet master

On master server, do the following steps:
Add puppet host in /etc/hosts

$ vim /etc/hosts
ip-private puppet-master

Install puppet master:

$ wget https://apt.puppetlabs.com/puppetlabs-release-pc1-xenial.deb
$ sudo dpkg -i puppetlabs-release-pc1-xenial.deb
$ sudo apt-get update -y
$ sudo apt-get install puppetserver -y

Change memory allocation:

open /etc/default/puppetserver, change the JAVA_ARGS to:

JAVA_ARGS="-Xms512m -Xmx512m"

Set puppet master hostname:

open/etc/puppetlabs/puppet/puppet.conf, and add the following lines at the bottom of the file:

....
[main]
certname = puppet-master
server = puppet-master
environment = production

Open port 8140:

$ sudo ufw allow 8140

Start the service, and enable to run on boot:

$ sudo systemctl start puppetserver
$ sudo systemctl enable puppetserver

Setup puppet agent

Add puppet-master host in /etc/hosts

$ vim /etc/hosts
ip-private puppet-master

Install puppet agent

$ wget https://apt.puppetlabs.com/puppetlabs-release-pc1-xenial.deb
$ sudo dpkg -i puppetlabs-release-pc1-xenial.deb
$ sudo apt-get update
$ sudo apt-get install puppet-agent

Add configuration for puppet agent:

$ vim /etc/puppetlabs/puppet/puppet.conf
[main]
certname = db1
server = puppet-master
environment = production

Start the service, and enableĀ  to run on boot:

$ sudo systemctl start puppet
$ sudo systemctl enable puppet

Sign the puppet agent certificate on puppet master

$ sudo /opt/puppetlabs/bin/puppet cert list
"db1" (SHA256) 7C:28:E8:AF:09:23:55:19:AF:C1:EE:C3:66:F2:02:73:AD:7F:53:17:28:CE:B0:26:AE:C7:6C:67:16:05:6F:2E

Sign the incoming certificate from specific hostname (db1):

$ sudo /opt/puppetlabs/bin/puppet cert sign db1

or if you prefer to sign all certificates at once, use this command:

$ sudo /opt/puppetlabs/bin/puppet cert sign --all

Test the connection:

$ sudo /opt/puppetlabs/bin/puppet agent --test